September 12th, 2013

This is a description of intent, with some rationale. Maybe some of this will be useful for you. If nothing else, some advice would also be appreciated. So. What is is this about? I have decided to make some changes in my electronic life. I will not make all the changes immediately, and I don’t have any complete plans yet – this is the outlines for a long term plan.

My current situation

I have used a MacBook as my main computer for the last 7 years. I do a lot of development in different environments, and when I switched, MacOS X coupled with the hardware allowed me to get more things done without dealing with stuff I didn’t want to deal with. But MacOS X also afforded me the possibility of tweaking and changing many of the parts of the OS when I needed to do that.

I have several email accounts, most of them are GMail in one variety or another. I also use several other pieces of the Google ecosystem.

ITunes is my main music player. I have lots of music and other things that I regularly sync with my IPad and IPhone – both of whom I depend a lot on in my day-to-day life.

This blog and a few other services are hosted on Rackspace.

In addition to an IPhone, I also have a Galaxy Note 2. I use both phones and the IPad extensively.

I currently store most of my life inside of 1Password.

I use Dropbox for sharing files and information between different people and devices.

Why I want to change

Fundamentally I am a believer in free software. I believe that open ecosystems are better than closed ones, and I believe that monocultures are extremely bad in the long run. I am not a huge fan of centralization, and I don’t like the anglocentric focus of our industry. I am not a huge fan of having all my electronic life hosted under the auspices of US legislation, especially not in light of recent events. I am also getting more and more uncomfortable with closed services and software that I can’t inspect.

But looking at the various things that define my electronic life, it’s clear that my day-to-day actions speak a very different message from my beliefs. So I am going to change that. Of course I realize that this might be painful. There are many things that a monocolture does quite well. It’s a local optima for certain problems. But as part of this effort I will have to take a hit in productivity to stand for what I believe in.

What I will change to

I have not completely decided all the particulars of the direction I’m going to take. Since it will be a long term effort, I can take it step by step. The first and probably biggest step is that I will migrate from an Apple laptop as my main programming device. I will instead run a System76 Gazelle with Debian 7.

Of course, switching back to Linux will mean that several things will be easier to switch to – I won’t be able to keep using some of my usual tools.

Open questions

There are a whole slew of open questions in this quest. The biggest one is probably what to do about mobile phones. None of the smartphones out there are particularly open while being strong enough for daily use. Maybe the Ubuntu Edge will be that phone at some point, but for now I’m not sure.

A password manager is also a requirement. I really like 1Password, but since it is closed source I am uncomfortable keeping my credentials there much longer. The only viable alternative seems to be KeePassX. I haven’t tried it yet, but since it hasn’t seen updates for several years, that doesn’t strike me as very confidence inspiring.

I want to get out of GMail, but I have no idea where I will go. I might host for myself, but that comes with a significant burden.

I currently run my servers on Rackspace. I need to change that to something that is hosted in a better legal framework, but there are not that many good cloud providers out there.

September 11th, 2013

This summer has given confirmation to many things that technologists only guessed before. We know much more about what the NSA, GCHQ and other intelligence services are doing around the world, how they are subverting privacy and security in the name of fighting terrorism. All of this is primarily thanks to Edward Snowden, Laura Poitras and Glenn Greenwald – with the help of many other courageous people. For the technically inclined, last weeks revelations about how the NSA is pursuing a broad program to subvert all kinds of encryption was probably one of the most worrying releases. But right now we’re also seeing a strong backlash against Greenwald, claiming that he should be releasing the names of technologies broken, the companies involved and who specifically is complicit in all this. A lot of people are ascribing malicious intentions to Greenwald for keeping these things to himself. I would just like to add two things to the debate:

First, it is highly likely that Snowden did not in fact have access to what specific technologies were broken. It might not exist in the papers he gave to Greenwald and others. As far as we know, Snowden was not cleared for BULLRUN and related programs, and the fact that we know about them is because he managed to get access to protected documents he wasn’t supposed to be able to access. So I think it’s only fair to give Greenwald the benefit of the doubt – he might not be able to tell us the specific algorithms that are broken. Let’s not immediately jump to the conclusion that he is acting maliciously.

When it comes to what companies and people are complicit in these issues, in the short term it would be very useful for us to know. I suspect there are good reasons why this information hasn’t been released yet – but let’s not forget that many companies have been outed as cooperating in one way or another under the PRISM program.

The big problem is this – for us technologists to stop future BULLRUN programs to happen we need to build new organizational structures. We need to guard ourselves from compromised algorithms and hardware chips with backdoors. In order to do that we need to change how we do these things – and this will require long term cultural fixes. And even though it would be very satisfying in the short term to know what companies and people to be angry at, in the long run we need to build up an immune system that stops this from happening again.

This all said – I’m dying to know all these details myself. I think it’s pretty human. But let us not lose sight of the real battle.

I am a developer working for ThoughtWorks in Chicago, US. I have a large interest in programming languages and artificial intelligence. I am a core developer of JRuby, created the Ioke language and am the author of Practical JRuby on Rails Projects, and coauthor of Using JRuby and The ThoughtWorks Anthology (2nd Edition).